How can I block spam from my local domains?

I have been experimenting with a few different spamassassin configurations and finally spam emails are seemingly under control with the exception of spoofed emails from my own domain. I can verify that they are spoofed by looking at the headers, also our logs do not show any unusual authentications so I believe the network has not been compromised. So how can I block spoofed emails?

I have followed a number of suggestions there, and they have helped with the exception of the current problem. Greylisting looks like it could work however rejecting all email from my domain that doesnt come from the local server seems to be a more solid approach, I just can't find a tutorial on how to set that up. Thanks for the tip, going to do a bit of reading on the subject now.